XPath Injection

Description

XPath injection is a type of vulnerability that allows attackers to execute arbitrary queries on XML databases. XPath injection vulnerabilities are similar to SQL injection vulnerabilities, but they affect XML databases instead of SQL databases. XPath injection is often more dangerous than SQL injection, because permissions are not enforced and the malicious queries can access every part of the XML documents. XPath injection applies to any application that uses XPath to query XML documents.

Impact

XPath injection attacks might allow an attacker to retrieve, manipulate, or destroy data stored in XML documents. The exact impact depends on the type of XML data that is exposed via XPath injection. If authentication data is exposed, the attacker is able to take over any user account. By taking over the administrator's account, the attacker is able to take full control of the application.

Countermeasures

To prevent this vulnerability, validate all input and use parameterized APIs if possible.